summaryrefslogtreecommitdiff
path: root/tests
diff options
context:
space:
mode:
authorGaurav Sinha <gaurav.sinha@vyatta.com>2012-06-07 10:36:39 -0700
committerGaurav Sinha <gaurav.sinha@vyatta.com>2012-06-07 10:36:39 -0700
commit375a9a47f361a5abc7aa8674979a0ac881d45d90 (patch)
tree5ba0655e074c81026f93662f53207c02e53ce0cc /tests
parent8be92f09aadafa0cd2d946145ac5f86711229e70 (diff)
parentee7cde037f8c39981df1237db4e8d8abfc06692d (diff)
downloadconntrack-tools-375a9a47f361a5abc7aa8674979a0ac881d45d90.tar.gz
conntrack-tools-375a9a47f361a5abc7aa8674979a0ac881d45d90.zip
Merge branch 'cthelper12' of git://git.netfilter.org/conntrack-tools into pacifica
Conflicts: include/helper.h src/expect.c src/helpers/ftp.c src/helpers/rpc.c src/helpers/tns.c tests/conntrackd/cthelper/main.c tests/conntrackd/cthelper/run-test.sh
Diffstat (limited to 'tests')
-rwxr-xr-xtests/conntrackd/cthelper/main.c61
-rw-r--r--tests/conntrackd/cthelper/run-test.sh3
2 files changed, 56 insertions, 8 deletions
diff --git a/tests/conntrackd/cthelper/main.c b/tests/conntrackd/cthelper/main.c
index 695054a..f229c5d 100755
--- a/tests/conntrackd/cthelper/main.c
+++ b/tests/conntrackd/cthelper/main.c
@@ -2,6 +2,7 @@
#include <pcap.h>
#include <stdlib.h>
#include <stdint.h>
+#include <stdbool.h>
#include <netinet/ip.h>
#include <arpa/inet.h>
#include <string.h>
@@ -16,9 +17,15 @@
struct cthelper_test_stats cthelper_test_stats;
+enum {
+ TEST_NORMAL = 0,
+ TEST_DNAT,
+};
+
static int
cthelper_process_packet(const uint8_t *pkt, uint32_t pktlen,
- struct ctd_helper *h, int proto, uint16_t port)
+ struct ctd_helper *h, int proto, uint16_t port,
+ int type)
{
struct pkt_buff *pktb;
struct cthelper_proto_l2l3_helper *l3h;
@@ -94,7 +101,37 @@ cthelper_process_packet(const uint8_t *pkt, uint32_t pktlen,
return -1;
}
- ret = h->cb(pktb, dataoff, ct->myct, ctinfo);
+ /* tweak to run DNAT mangling code using the same PCAP file. */
+ if (type == TEST_DNAT) {
+ struct nf_conntrack *tmp = ct->myct->ct;
+ /* as long as this is tested, who cares the destination IP? */
+ in_addr_t addr = inet_addr("1.1.1.1");
+
+ /* clone the real conntrack, to add DNAT information */
+ ct->myct->ct = nfct_clone(ct->myct->ct);
+ /* set fake DNAT information */
+ nfct_set_attr_u32(ct->myct->ct, ATTR_STATUS, IPS_DST_NAT);
+ nfct_set_attr_u32(ct->myct->ct, ATTR_ORIG_IPV4_DST, addr);
+ /* pass it to helper */
+ ret = h->cb(pktb, dataoff, ct->myct, ctinfo);
+ /* restore real conntrack */
+ nfct_destroy(ct->myct->ct);
+ ct->myct->ct = tmp;
+
+ if (pktb_mangled(pktb)) {
+ int i;
+ uint8_t *data = pktb_network_header(pktb);
+
+ printf("\e[1;31mmangled content: ", pktb_len(pktb));
+
+ for (i=0; i < pktb_len(pktb); i++)
+ printf("%c", data[i]);
+
+ printf("\e[0m\n");
+ }
+ } else
+ ret = h->cb(pktb, dataoff, ct->myct, ctinfo);
+
pktb_free(pktb);
return ret;
@@ -102,7 +139,7 @@ cthelper_process_packet(const uint8_t *pkt, uint32_t pktlen,
static int
cthelper_test(const char *pcapfile, const char *helper_name,
- int l4proto, uint16_t port)
+ int l4proto, uint16_t port, int type)
{
struct pcap_pkthdr pcaph;
char errbuf[PCAP_ERRBUF_SIZE];
@@ -125,7 +162,8 @@ cthelper_test(const char *pcapfile, const char *helper_name,
}
while ((pkt = pcap_next(handle, &pcaph)) != NULL) {
cthelper_test_stats.pkts++;
- cthelper_process_packet(pkt, pcaph.caplen, h, l4proto, port);
+ cthelper_process_packet(pkt, pcaph.caplen, h, l4proto, port,
+ type);
}
ct_flush();
@@ -135,11 +173,12 @@ cthelper_test(const char *pcapfile, const char *helper_name,
int main(int argc, char *argv[])
{
- int ret, l4proto;
+ int ret, l4proto, type = TEST_NORMAL;
- if (argc != 5) {
+ if (argc < 5 || argc > 6) {
fprintf(stderr, "Wrong usage:\n");
- fprintf(stderr, "%s [pcap_file] [helper-name] [proto] [port]\n",
+ fprintf(stderr, "%s <pcap_file> <helper-name> <proto> "
+ "<port> [dnat]\n",
argv[0]);
fprintf(stderr, "example: %s file.pcap ftp tcp 21\n", argv[0]);
exit(EXIT_FAILURE);
@@ -153,13 +192,19 @@ int main(int argc, char *argv[])
argv[3]);
exit(EXIT_FAILURE);
}
+ if (argc == 6) {
+ if (strncmp("dnat", argv[5], strlen("dnat")) == 0) {
+ type = TEST_DNAT;
+ printf("test dnat\n");
+ }
+ }
/* Initialization of supported layer 3 and 4 protocols here. */
l2l3_ipv4_init();
l4_tcp_init();
l4_udp_init();
- if (cthelper_test(argv[1], argv[2], l4proto, atoi(argv[4])) < 0)
+ if (cthelper_test(argv[1], argv[2], l4proto, atoi(argv[4]), type) < 0)
ret = EXIT_FAILURE;
else
ret = EXIT_SUCCESS;
diff --git a/tests/conntrackd/cthelper/run-test.sh b/tests/conntrackd/cthelper/run-test.sh
index ccce3ac..fe31602 100644
--- a/tests/conntrackd/cthelper/run-test.sh
+++ b/tests/conntrackd/cthelper/run-test.sh
@@ -1,6 +1,9 @@
echo "Running test for oracle TNS port 1521"
./cthelper-test pcaps/oracle-tns-redirect.pcap tns tcp 1521
+echo "Running test for oracle TNS port 1521"
+./cthelper-test pcaps/oracle-tns-redirect.pcap tns tcp 1521 dnat
+
echo "Running test for NFSv3 UDP port 111"
./cthelper-test pcaps/nfsv3.pcap rpc udp 111